Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa
File: nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa (raw, json)
Hash identifier: HPDpf14lqPxG/21+hpYAr+xYi6h6f22nCMyEO/T4p9w=
Subject key identifier: 9D:3E:D5:35:FE:8E:24:BB:FF:39:26:92:F5:CF:45:7B:C2:BD:1D:4E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01893A5536B6791E9188EA1496AF817520C8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa
Signing time: Sun 09 Jul 2023 11:06:50 +0000
ROA not before: Sun 09 Jul 2023 11:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
163.5.254.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:55:36:b6:79:1e:91:88:ea:14:96:af:81:75:20:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 9 11:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d3ed535fe8e24bbff392692f5cf457bc2bd1d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:89:63:9c:f6:b6:87:a6:48:0a:ca:34:47:fc:
2f:83:7e:da:e2:f8:2e:0a:e5:c6:f1:52:a6:f0:01:
3c:2f:8a:ab:95:69:e7:d3:20:98:be:da:96:76:4c:
bb:88:38:43:fb:7a:d9:dc:26:b7:0c:b1:7d:d4:24:
d5:cb:6c:3a:70:e6:22:40:96:a8:19:7d:64:81:0f:
85:97:e0:a9:a8:32:7a:4f:91:ab:30:0b:73:cb:37:
4a:fd:15:86:a4:a3:27:d5:fa:cc:2a:31:f0:6e:b3:
1d:ba:c5:f5:eb:76:ea:a7:5e:8b:ef:68:a4:57:57:
93:83:ae:f9:0c:30:99:57:29:90:70:eb:cb:dd:cc:
a0:d1:97:15:ab:e2:50:df:da:95:b5:3a:1c:7a:7e:
20:cd:6b:65:f1:30:8e:82:7a:a5:e4:ea:84:fc:c3:
48:fd:af:d2:d7:47:c9:79:d4:2a:16:8b:88:94:7e:
da:a2:09:72:33:5e:15:89:cf:3c:e0:d8:f5:0b:9a:
7c:ac:12:71:44:7c:97:b5:57:df:5a:d7:5e:36:44:
a6:f4:8e:b6:77:59:cc:94:4f:3b:7b:14:e9:0e:ae:
2b:03:b3:61:08:f3:40:27:70:34:7c:dc:6d:f9:72:
84:cc:d1:0e:12:ed:1d:dd:83:f1:e7:7a:2c:e5:bf:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3E:D5:35:FE:8E:24:BB:FF:39:26:92:F5:CF:45:7B:C2:BD:1D:4E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nT7VNf6OJLv_OSaS9c9Fe8K9HU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.99.0/24
163.5.127.0/24
163.5.136.0/24
163.5.138.0/24
163.5.161.0/24
163.5.202.0/24
163.5.210.0/23
163.5.216.0/24
163.5.221.0/24
163.5.223.0/24
163.5.226.0/24
163.5.230.0/24
163.5.248.0/24
163.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:0e:41:d6:1e:48:fb:8a:10:14:e4:e4:e7:ad:30:e1:6d:f8:
de:78:57:d2:25:6c:0b:ad:11:ee:e4:59:16:25:ad:22:b8:b7:
b3:b3:f9:cf:8d:a0:ac:6f:01:bd:64:85:b2:d5:d9:9a:98:63:
e9:e2:e3:19:ff:0c:76:ca:75:70:e6:12:57:e9:0a:91:38:f3:
e5:2a:3c:d5:d7:64:7d:35:52:d8:6a:9c:75:a2:7a:60:3d:09:
aa:90:2a:e2:4f:e1:0a:51:48:88:b1:4b:1f:4e:0e:09:a0:01:
10:f3:5b:f4:b7:e6:85:e9:75:32:88:1a:74:59:57:e3:29:36:
63:62:2e:54:1c:1f:77:e6:82:f9:62:b1:fa:80:6c:cc:5f:eb:
0d:93:fa:99:bd:33:a2:73:84:03:83:2f:b9:8f:46:4f:1a:52:
3c:43:36:9e:bd:9e:55:4c:00:74:47:17:9b:52:eb:4e:3e:a6:
76:ea:09:f2:b4:24:56:7f:bb:43:86:72:39:8c:25:a9:f5:48:
73:04:cb:b6:53:04:a5:82:ed:9b:41:dc:ca:b7:f6:9e:19:db:
55:e1:9e:58:2a:e0:af:69:7d:29:de:5b:7b:7c:da:21:13:1c:
a3:e7:73:5a:81:50:19:c8:09:3b:e5:f3:c1:c9:06:2a:a8:42:
fe:28:23:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYk6VTa2eR6RiOoUlq+BdSDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA5MTEwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNlZDUzNWZlOGUyNGJiZmYzOTI2OTJmNWNmNDU3YmMyYmQxZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIljnPa2h6ZICso0R/wvg37a4vgu
CuXG8VKm8AE8L4qrlWnn0yCYvtqWdky7iDhD+3rZ3Ca3DLF91CTVy2w6cOYiQJao
GX1kgQ+Fl+CpqDJ6T5GrMAtzyzdK/RWGpKMn1frMKjHwbrMdusX163bqp16L72ik
V1eTg675DDCZVymQcOvL3cyg0ZcVq+JQ39qVtTocen4gzWtl8TCOgnql5OqE/MNI
/a/S10fJedQqFouIlH7aoglyM14Vic884Nj1C5p8rBJxRHyXtVffWtdeNkSm9I62
d1nMlE87exTpDq4rA7NhCPNAJ3A0fNxt+XKEzNEOEu0d3YPx53os5b++NQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJ0+1TX+jiS7/zkmkvXPRXvCvR1OMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvblQ3Vk5mNk9KTHZfT1NhUzljOUZlOEs5SFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowV/AwQAowWIAwQAowWKAwQAowWhAwQAowXKAwQB
owXSAwQAowXYAwQAowXdAwQAowXfAwQAowXiAwQAowXmAwQAowX4AwQAowX+MA0G
CSqGSIb3DQEBCwUAA4IBAQCoDkHWHkj7ihAU5OTnrTDhbfjeeFfSJWwLrRHu5FkW
Ja0iuLezs/nPjaCsbwG9ZIWy1dmamGPp4uMZ/wx2ynVw5hJX6QqROPPlKjzV12R9
NVLYapx1onpgPQmqkCriT+EKUUiIsUsfTg4JoAEQ81v0t+aF6XUyiBp0WVfjKTZj
Yi5UHB935oL5YrH6gGzMX+sNk/qZvTOic4QDgy+5j0ZPGlI8QzaevZ5VTAB0Rxeb
UutOPqZ26gnytCRWf7tDhnI5jCWp9UhzBMu2UwSlgu2bQdzKt/aeGdtV4Z5YKuCv
aX0p3lt7fNohExyj53NagVAZyAk75fPByQYqqEL+KCOV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:22 2023 by rpki-client on console-fra.rpki-client.org